| Message ID | X8jXkt6eThjyVP1v@mwanda (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | scsi: be2iscsi: revert "Fix a theoretical leak in beiscsi_create_eqs()" | expand |
On Thu, Dec 03, 2020 at 03:18:26PM +0300, Dan Carpenter wrote: > My patch caused kernel Oopses and delays in boot. Revert it. > > The problem was that I moved the "mem->dma = paddr;" before the call to > be_fill_queue(). But the first thing that the be_fill_queue() function > does is memset the whole struct to zero which overwrites the assignment. > > Fixes: 38b2db564d9a ("scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()") > Reported-by: Thomas Lamprecht <t.lamprecht@proxmox.com> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Can someone please add: Cc: stable <stable@vger.kernel.org> to this so we know to pick it up quickly there? thanks, greg k-h
On Thu, 3 Dec 2020 15:18:26 +0300, Dan Carpenter wrote: > My patch caused kernel Oopses and delays in boot. Revert it. > > The problem was that I moved the "mem->dma = paddr;" before the call to > be_fill_queue(). But the first thing that the be_fill_queue() function > does is memset the whole struct to zero which overwrites the assignment. Added Cc: stable and applied to 5.10/scsi-fixes, thanks! [1/1] scsi: be2iscsi: revert "Fix a theoretical leak in beiscsi_create_eqs()" https://git.kernel.org/mkp/scsi/c/eeaf06af6f87
diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c index 50e464224d47..90fcddb76f46 100644 --- a/drivers/scsi/be2iscsi/be_main.c +++ b/drivers/scsi/be2iscsi/be_main.c @@ -3020,7 +3020,6 @@ static int beiscsi_create_eqs(struct beiscsi_hba *phba, goto create_eq_error; } - mem->dma = paddr; mem->va = eq_vaddress; ret = be_fill_queue(eq, phba->params.num_eq_entries, sizeof(struct be_eq_entry), eq_vaddress); @@ -3030,6 +3029,7 @@ static int beiscsi_create_eqs(struct beiscsi_hba *phba, goto create_eq_error; } + mem->dma = paddr; ret = beiscsi_cmd_eq_create(&phba->ctrl, eq, BEISCSI_EQ_DELAY_DEF); if (ret) { @@ -3086,7 +3086,6 @@ static int beiscsi_create_cqs(struct beiscsi_hba *phba, goto create_cq_error; } - mem->dma = paddr; ret = be_fill_queue(cq, phba->params.num_cq_entries, sizeof(struct sol_cqe), cq_vaddress); if (ret) { @@ -3096,6 +3095,7 @@ static int beiscsi_create_cqs(struct beiscsi_hba *phba, goto create_cq_error; } + mem->dma = paddr; ret = beiscsi_cmd_cq_create(&phba->ctrl, cq, eq, false, false, 0); if (ret) {
My patch caused kernel Oopses and delays in boot. Revert it. The problem was that I moved the "mem->dma = paddr;" before the call to be_fill_queue(). But the first thing that the be_fill_queue() function does is memset the whole struct to zero which overwrites the assignment. Fixes: 38b2db564d9a ("scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()") Reported-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> --- My original patch was basically a clean up patch and to try silence a static checker warning. I've already updated the static checker to not warn about impossible leaks and in this case we know that be_fill_queue() cannot fail. I was tempted to delete the "mem->va = eq_vaddress;" assignment as a clean up but I didn't. :P drivers/scsi/be2iscsi/be_main.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)